container-server/services/fail2ban/jail.template.local

59 lines
1.1 KiB
Text

[INCLUDES]
before = uptimerobot.local
[DEFAULT]
# Prevents banning LAN subnets
ignoreip = 127.0.0.1/8 ::1
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
${FAIL2BAN_IGNORED_IP}
%(uptimerobot_ips)s
# "bantime" is the number of seconds that a host is banned.
bantime = 1w
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 15m
# "maxretry" is the number of failures before a host get banned.
maxretry = 3
# Default banning action
banaction = iptables-allports
[sshd]
enabled = true
chain = INPUT
port = 222
logpath = %(syslog_local0)s
[gitea-auth]
enabled = true
chain = DOCKER-USER
[vaultwarden-auth]
enabled = true
chain = DOCKER-USER
[dovecot]
enabled = true
chain = DOCKER-USER
logpath = %(logs_path)s/mail/mail.log
filter = dovecot
[postfix]
enabled = true
chain = DOCKER-USER
logpath = %(logs_path)s/mail/mail.log
filter = postfix
mode = extra
[permaban]
enabled = true
chain = DOCKER-USER
filter =
bantime = -1